WITH HOLIDAY SHOPPING SEASON NOW IN FULL SWING… SCHUMER: POPULAR “SMART” TVS, WEBCAMS & BABY MONITORS ALLOW HACKERS TO USE BUILT-IN CAMERAS TO SPY INTO HOMES & LIVE STREAM PRIVATE LIVES FOR ALL TO SEE; A FEAR REALIZED THIS WEEK WHEN RUSSIANS HACKED THOUSANDS OF AMERICANS – SENATOR CALLS FOR MANUFACTURERS TO MAKE IMMEDIATE SECURITY CHANGES TO NEW DEVICES TO PROTECT NYERS FROM VOYEURISM, ROBBERY & EVEN BLACKMAIL
Baby Monitors, WebCams & New “Smart” TV’s With Built-In
Cameras, Microphones, and Internet Access, Expose New Yorkers to Hackers
that Can Spy into Living Rooms & Bedrooms - Like the Foreign Websites
www.insecam.cc– Senator Says Manufacturers Lack Key Security Protections,
Like A Required Password Change Upon Setting Up Device
Russian Website, Now Shut Down, Demonstrated That Thousands of NYers Can
Easily Be Hacked Through Personal TVs & Other Devices, By Remotely
Turning On Cameras and Microphones, Spying On Families’ Living Rooms
& More – This Exposes NYers to Blackmail, Robbery When Homes Are Empty
Schumer Calls For TV, Camera, Baby Monitor Manufacturers To Adopt Improved
Standards Of Security To Be Used In All New Devices, Like Forcing Individualized
Passwords Rather than Using Default Passwords, Which Create An Easy Way
In For Hackers
As holiday shopping season ramps up, U.S. Senator Charles E. Schumer called on device manufacturers to adopt improved safety and security standards to help prevent hackers from breaking into individuals' camera-enabled devices, and live streaming personal lives for all to see. Schumer said that newer “smart” televisions and other devices, such as baby monitors or webcams, now equipped with built-in cameras, microphones and internet access, are valuable innovations but have posed a threat to New Yorkers since their development, and that concern became a reality last week when the Russian website www.insecam.cc hacked into homes and streamed live footage from thousands of cameras ranging from baby monitors, webcams and surveillance cameras. Hackers were able to access cameras when default passwords set by manufacturers remained unchanged once set up in a home or business. Schumer today said that, although that one website has since been changed, there’s nothing to prevent similar privacy breaches from occurring, which expose thousands of New Yorkers to voyeurism, robbery and even blackmail, and security settings, set by the device manufacturers, must change to protect consumers. Schumer today called for television, camera, and baby monitor manufacturers to improve security standards on these devices.
Specifically, Schumer said that manufacturers should require consumers
to automatically set a unique password when installing one of these products.
Schumer also applauded the Federal Trade Commission for its work protecting
consumers’ data security and privacy, including recent enforcement
actions. Schumer urged the Federal Trade Commission to pay specific attention
to this potential threat; to work with industry to adopt improved safety
and security standards so that hackers cannot break into these new devices;
and to use its enforcement authority against companies it finds are not
adequately protecting their consumers.
"Popular items on our shopping lists this holiday season include
‘smart’ television, webcams and baby monitors, but rather
than adding convenience and security to our homes, these devices roll
out the welcome mat for potential voyeurs, robbers, blackmailers and other
criminals,” said
Senator Schumer. “The recent privacy breach by Russian hackers unfortunately demonstrated
the urgency that we must take in improving security settings on these
great devices, and I am urging these manufacturers to better protect consumers
by making immediate changes to new camera-enabled devices, in conjunction
with experts at the FTC. A change in security policy, as simple as requiring
consumers to set a unique password upon setup of their device, could prevent
similar cyber attacks from being successful in the future."
Schumer said that without changes to security settings on internet-enabled
camera devices, like smart televisions and new baby monitors, the private
lives of consumers can be publicly exposed on the web. But that is not
the only risk - these devices also collect sensitive data that could be
exposed if the devices are hacked. According to experts at the Liberty
and National Security Program at the Brennan Center for Justice at NYU
School of Law, “smart” televisions log the amount of time
you watch tv, the content of what is being watched, and more. These devices
also record which apps the owner uses, detects content in particular email
messages and which websites are visited, and ignores “do-not-track”
requests. Smart televisions utilize facial and voice recognition through
built-in cameras and microphones, and anything detected through those
devices can be captured and transmitted to a third party as privacy and
security policy currently stands.
Schumer urged major manufacturers to institute improved security standards
for new products. Schumer explained that the recent privacy breach by
Russian hackers highlighted a major security flaw and consumers should
not feel that they are being spied on. Schumer made the case that more
personalized security, like ending the practice of default passwords and
instead requiring consumers to set their own unique passwords, would assure
consumers that manufacturers are doing everything possible to prevent
hackers from gaining access into their living room, bedroom and more.
According to recent reports, hackers in Russia broke into over 70,000 cameras
across the world, including over 4,000 cameras in the United States, by
using camera manufacturers' default passwords. Live video feed from
the hacked cameras had at one time been streamed on the foreign website
www.insecam.cc.The site says its purpose is "to show the importance of settings
and changing the security settings on internet cameras."
The types of cameras hacked included baby monitors, webcams, “smart”
tvs with built in cameras, and surveillance cameras. Live-streamed footage
on the site included everything from babies sleeping in their cribs to
footage of store employees working behind a counter to the hallway of
a high school. The website,
www.insecam.cc, recently announced that they had removed all cameras that use default
password settings and now, only public cameras without any password protection
are available on the site. Schumer today said that, even with these changes,
cameras using default passwords are still at risk to future hacking by
anyone else using the same trick the Russian site had used.